New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cisco released hotfix and statement #94

Closed

an3k opened this issue Jan 24, 2014 · 1 comment

an3k commented Jan 24, 2014

Hotfix:
WAP4410N - http://software.cisco.com/download/release.html?mdfid=282414137&flowid=6785&softwareid=282463166&release=2.0.7.4&relind=AVAILABLE&rellifecycle=&reltype=latest
WRVS4400N - http://software.cisco.com/download/release.html?mdfid=282414016&softwareid=282487380&release=2.0.2.2&relind=AVAILABLE&rellifecycle=&reltype=latest
RVS4000 - not yet released, will be available at http://software.cisco.com/download/release.html?mdfid=282414013&softwareid=282465789&release=2.0.3.2&relind=AVAILABLE&rellifecycle=&reltype=latest

Statement:
http://www.cisco.com/en/US/products/csa/cisco-sa-20140110-sbd.html

WAP4410N and WRVS4400N are NO LONGER vulnerable. RVS4000 is still vulnerable but firmware update will be released soon.

Owner

elvanderb commented Apr 22, 2014

I forgot to thank you :)
I reviewed the WAP4410N fix and it correctly fix the backdoor, scfgmgr now only accept connexions from localhost.

elvanderb closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment